On 4/8/06, Max Bowsher <maxb1@ukf.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Garrett Rooney wrote:
> > One thing I'd like to see resolved before 1.4 goes out the door is the
> > question about providing a way to limit access to replay
> > functionality. The argument is that replay and svnsync encourage
> > users to put a rather high amount of load on a system, so we should
> > provide users with a way to either turn it off, or hopefully just turn
> > it off for part of the system.
>
> Ouch.
>
> Whilst clearly it's not good for servers to be hammered into the ground
> by scores of users syncing repositories, it would be a very great shame
> if this nice new feature ending up being turned off on the majority of
> significant Subversion installations.
Personally, I'm just looking for a way to keep people from syncing
entire repositories. I think it's reasonable for people to keep a
mirror of a specific branch, for example, but I don't want just
anybody to be able to mirror all of svn.apache.org/repos/asf, it's
just asking for trouble. We have enough trouble as it is with people
accidentally checking out the root of repositories and getting way
more than they expected (with the corresponding load on the server
that results from such actions). Hopefully this feature can help
avoid both the new potential problems (replay) and the old ones (big
checkouts), while leaving a way for admins to turn it on when
appropriate, hopefully on a per-user basis.
> Perhaps we could consider rate-limiting rather than outright blocking of
> the feature as a DoS avoidance strategy?
I'm open to suggestions as to how such a feature would be implemented.
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Apr 8 20:05:43 2006